Lucene search
K

2906 matches found

CVE
CVE
added 2026/07/06 8:9 p.m.12 views

CVE-2026-25271

The CVE describes a TOCTOU race condition in Qualcomm DSP Service causing memory corruption when processing asynchronous input parameters due to improper handling of modified values between check and use. Affected component: DSP Service (Qualcomm). Root cause: TOCTOU under asynchronous input para...

7.8CVSS6AI score0.00052EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/07/06 7:55 p.m.6 views

EUVD-2026-25017

kill: 'kill -1' parsed as PID -1, sending SIGTERM to all processes system crash / DoS...

5.5CVSS5.9AI score0.00128EPSS
Exploits0References5
OSV
OSV
added 2026/07/06 8:3 a.m.4 views

PYSEC-2026-952 Incomplete validation in signal ops leads to crashes in TensorFlow

Impact The tf.compat.v1.signal.rfft2d and tf.compat.v1.signal.rfft3d lack input validation and under certain condition can result in crashes due to CHECK-failures. Patches We have patched the issue in GitHub commit 0a8a781e597b18ead006d19b7d23d0a369e9ad73 merging GitHub PR 55274. The fix will be...

5.5CVSS6.1AI score0.0031EPSS
Exploits1References12
OSV
OSV
added 2026/07/06 6:27 a.m.4 views

OESA-2026-2842 qt5-qtbase security update

This package provides base tools, such as string, xml, and network handling. Security Fixes: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an...

8.6CVSS6AI score0.00494EPSS
Exploits0References2
OSV
OSV
added 2026/07/06 6:27 a.m.4 views

OESA-2026-2841 qt5-qtbase security update

This package provides base tools, such as string, xml, and network handling. Security Fixes: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an...

8.6CVSS6AI score0.00494EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/07/01 7:51 p.m.5 views

CVE-2026-53352

A flaw was found in the Linux kernel. A race condition exists in the zapotherthreads function where job control flags are not properly cleared for the calling thread. This can occur when a multi-threaded process receives a stop signal, and one of its threads concurrently calls execve. The...

5.5CVSS5.8AI score0.00164EPSS
Exploits0References4
OSV
OSV
added 2026/07/01 2:16 p.m.3 views

UBUNTU-CVE-2026-53352

In the Linux kernel, the following vulnerability has been resolved: signal: clear JOBCTLPENDINGMASK for caller in zapotherthreads When a multi-threaded process receives a stop signal e.g., SIGSTOP, dosignalstop sets JOBCTLSTOPPENDING and JOBCTLSTOPCONSUME on all threads and sets...

5.7AI score0.00164EPSS
Exploits0References11
NVD
NVD
added 2026/06/27 9:16 a.m.9 views

CVE-2026-45259

sigqueue2 was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the implementation of kernsigqueue did not include a capability mode check restricting signal delivery to the calling process's own PID. A process in capability mode can use sigqueue2 to send signa...

6.5CVSS0.00092EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/27 8:59 a.m.40 views

CVE-2026-45259 sigqueue(2) missing capability mode restriction

sigqueue2 was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the implementation of kernsigqueue did not include a capability mode check restricting signal delivery to the calling process's own PID. A process in capability mode can use sigqueue2 to send signa...

0.00092EPSS
Exploits0References1
CVE
CVE
added 2026/06/27 8:59 a.m.42 views

CVE-2026-45259

CVE-2026-45259 affects FreeBSD where sigqueue(2) was allowed in capability mode but kern_sigqueue lacked a capability-mode check to restrict signal delivery to the caller’s own PID. The issue enables a capability-mode sandboxed process to signal other processes (including SIGKILL/SIGSTOP) within ...

6.5CVSS5.7AI score0.00092EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/27 8:59 a.m.11 views

CVE-2026-45259

sigqueue2 was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the implementation of kernsigqueue did not include a capability mode check restricting signal delivery to the calling process's own PID. A process in capability mode can use sigqueue2 to send signa...

5.7AI score0.00092EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.11 views

PT-2026-53061

Name of the Vulnerable Software and Affected Versions FreeBSD affected versions not specified Description The implementation of the kern sigqueue function failed to include a capability mode check. This allows a process operating in Capsicum capability mode—a security framework that restricts...

6.5CVSS5.7AI score0.00092EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/26 3:32 p.m.9 views

EUVD-2026-39776

When used to deliver a signal to a specific thread, thrkill22 called pcansignal to determine whether the operation was permitted but did not check the result before delivering the signal. The signal was sent even when the permission check failed. The system call returned the resulting error to th...

5.5CVSS5.9AI score0.00092EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 3:16 p.m.5 views

CVE-2026-45256

When used to deliver a signal to a specific thread, thrkill22 called pcansignal to determine whether the operation was permitted but did not check the result before delivering the signal. The signal was sent even when the permission check failed. The system call returned the resulting error to th...

5.5CVSS0.00092EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/26 2:56 p.m.14 views

CVE-2026-52946

A flaw was found in the Linux kernel. A lock order deadlock can occur in the sendsigio and sendsigurg functions when a process group receives a signal. This vulnerability, caused by an unsafe lock order during software interrupts SOFTIRQ in asynchronous I/O fasync signaling, could allow a remote...

7.5CVSS5.8AI score0.00612EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/26 2:43 p.m.34 views

CVE-2026-45256 Missing permission check in thr_kill2(2)

When used to deliver a signal to a specific thread, thrkill22 called pcansignal to determine whether the operation was permitted but did not check the result before delivering the signal. The signal was sent even when the permission check failed. The system call returned the resulting error to th...

0.00092EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:43 p.m.33 views

CVE-2026-45256

CVE-2026-45256 affects FreeBSD thr_kill2(2). The kernel failed to verify the result of p_cansignal() before delivering a signal, allowing unprivileged local users who know target PIDs to signal processes they normally could not, including root-owned ones. This can lead to stopping or terminating ...

5.5CVSS5.9AI score0.00092EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/26 9:11 a.m.5 views

CVE-2026-53158

A flaw was found in the Linux kernel's fastrpc component. This vulnerability occurs due to a NULL pointer dereference when the Digital Signal Processor DSP sends a glink message before the fastrpc driver is fully initialized. This can lead to system instability or a denial of service DoS conditio...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 12:17 a.m.7 views

CVE-2026-53161

A flaw was found in the Linux kernel's fastrpc module. A race condition between closing a file descriptor and processing Digital Signal Processor DSP responses can lead to a use-after-free vulnerability. This allows a local attacker to potentially cause a system crash or, in some cases, execute...

7.8CVSS6.2AI score0.00135EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 12:17 a.m.8 views

CVE-2026-53159

A flaw was found in the Linux kernel's fastrpc module. The fastrpcgetargs function incorrectly calculates a Direct Memory Access DMA address offset for user-provided pointers. This can lead to an underflow, corrupting the DMA address sent to the Digital Signal Processor DSP. This corruption could...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
Rows per page
Query Builder